Privacy attorney Ron Raether challenges a commission's recent recommendation that the government should support companies that use the hack-back approach to mitigating the theft of intellectual property.
What can U.S. and European organizations learn from Asia-Pac about advanced mobile tech and increasing cyberthreats? That's a question I hope to answer while in Singapore for RSA Conference Asia Pacific 2013.
Attacks aimed at mobile devices are progressing much more rapidly than any attacks ever waged against PCs. Organizations are in danger if they don't pay attention, says anti-phishing expert Dave Jevans.
If everyone supports the idea of sharing cyberthreat information, then why is information sharing so difficult? Shawn Henry, a former investigator with the FBI, tells how organizations can clear their biggest hurdles.
NIST's Ron Ross sees the cloud as helping to reduce the complexity of keeping data secure. But security expert Eugene Spafford of Purdue University offers a different viewpoint in the first part of a two-part joint interview.
Breach statistics for 2012 show DDoS attacks dramatically increased in all sectors, says Verizon's Dave Ostertag. "If your organization, company or agency has a presence on the Internet, you're a potential victim now."
As the Payment Card Industry Security Standards Council prepares to update the PCI Data Security Standard, malware attacks aimed at payments networks are garnering attention from fraud professionals, says the council's Jeremy King.
Homeland Security's inspector general office sees significant improvements in cyberthreat information sharing between the government and the private sector. But the IG says more must be done. Here's why.
Providers of technologies employees acquire through unconventional channels that could bypass their employers' supply-chain controls are known as "shadow suppliers." Here's why you should care about them.
New focus for anti-fraud pros: Cloud computing providers whose employees may steal or harm customer data they host. Experts from Carnegie Mellon University's CERT Insider Threat Center offer prevention tips.
Insider threat case study: Dawn Cappelli tells how three individuals quit their jobs at a law firm, then used a free cloud service to sabotage files containing proprietary client information from their ex-employer.
The OWASP Top Ten list of security risks was created more than a decade ago to be the start of an industry standard that could bootstrap the legal system into encouraging more secure software. Here are the 2013 updates.
Security firm Mandiant recently released a widely publicized report detailing cyber-espionage activity originating in China. Mandiant Director Charles Carmakal discusses the latest nation-state threats.